Kingston Upon Thames, Surrey, United Kingdom Hybrid / WFH Options
Unilever
red team automation Detection Engineering Collaboration: Ability to translate offensive findings into detection logic and partner with SOC teams to improve alerting and response. Threat Modelling & MITRE ATT&CK: Strong understanding of attacker TTPs and ability to map findings to frameworks like MITRE ATT&CK and the Cyber Kill Chain. … red/purple teaming, adversary emulation, and vulnerability exploitation. - Proficiency with tools such as Cobalt Strike, Metasploit, Burp Suite, BloodHound, and custom scripting. - Strong understanding of MITRE ATT&CK, cyber kill chain, and threat-informed defense. - Experience integrating offensive security into CI/CD pipelines and cloud-native environments. - Relevant certifications (e.g., OSCP, OSCE, CRTO
correlation logic to reduce dwell time and improve detection accuracy. Collaborate with threat intelligence teams to ensure real-time enrichment of event data and alignment with MITRE ATT&CK adversary tactics. Program & Capability Development Build the CCM capability from the ground up, defining the operating model, reporting cadence, and engagement with SOC, risk, and compliance. … threat intelligence platforms. Expertise in metrics-driven monitoring: defining, tracking, and reporting MTTD, MTTR, false positive rates, and coverage completeness. Familiarity with frameworks like NIST CSF, MITRE ATT&CK, and ISO 27001, with experience applying these to monitoring. Experience in threat hunting, anomaly detection, and behavioral analytics. Strong leadership skills: able to recruit, mentor, and
City of London, London, United Kingdom Hybrid / WFH Options
Anson Mccade
tools (e.g., Logic Apps, XSOAR). Threat Detection & Response: Investigate alerts, enrich detection logic with threat intel, coordinate incident response. Threat Modelling & Use Case Development: Apply MITRE ATT&CK, STRIDE, and Kill Chain frameworks to build detection use cases. Reporting & Collaboration: Build security dashboards, produce reporting packs, and guide junior analysts and engineers. Client & Project … preferred). Strong knowledge of log parsing, SIEM query languages (KQL, SPL, AQL), and automation with Python/PowerShell. Deep understanding of incident response, threat detection, and frameworks (MITRE, NIST, CIS). Knowledge of vulnerability scanning, penetration testing, and network traffic analysis. Familiarity with ITIL processes (Incident, Problem, Change). Excellent stakeholder communication, with the ability to mentor
Incident Response. Experience in performing analysis with SIEM technologies such as Splunk and/or Google Chronicle. Experience in performing proactive and reactive threat hunting using MITRE ATT&CK or similar frameworks. In-depth understanding and working knowledge of security appliances/tools such as host-based and network-based IDS/IPS, WAF, EDR
London (City of London), South East England, United Kingdom
SRG Network
Incident Response. Experience in performing analysis with SIEM technologies such as Splunk and/or Google Chronicle. Experience in performing proactive and reactive threat hunting using MITRE ATT&CK or similar frameworks. In-depth understanding and working knowledge of security appliances/tools such as host-based and network-based IDS/IPS, WAF, EDR
recognized certifications such as CISSP, GIAC, CEH, or CompTIA CASP. - Deep knowledge of security technologies (SIEM, SOAR, EDR, IDS/IPS, DLP, etc.), adversarial tactics (e.g., MITRE ATT&CK), and experience with incident response and security architecture. - Hands-on experience with security tools, including FortiSIEM, McAfee, Darktrace, Microsoft Sentinel, and more. - Understanding of compliance frameworks
Central London, London, United Kingdom Hybrid / WFH Options
Client Server
experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of security appliances/tools such as host-based and network-based IDS/IPS, WAF, EDR You
London, South East, England, United Kingdom Hybrid / WFH Options
Client Server Ltd
experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of security appliances/tools such as host-based and network-based IDS/IPS, WAF, EDR You
Covent Garden, Greater London, UK Hybrid / WFH Options
Client Server
experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of security appliances/tools such as host-based and network-based IDS/IPS, WAF, EDR You
internationally. Qualifications and Experience Extensive professional experience in digital forensics, cyber investigations, financial crime, or compliance. Proven knowledge in cyber incident response, investigations, and best practices (MITRE ATT&CK, NPCC, NIST, SANS). Expertise in multiple operating systems, particularly Microsoft and Linux, on-premise and cloud services like Microsoft 365/Azure, Google Workspace, and
containerised environments. Experience in building or maturing security culture initiatives, including awareness programs, gamified training, or executive engagement. Experience with security testing tools and frameworks (e.g., MITRE ATT&CK, Cobalt Strike, Metasploit, Burp Suite, or similar). About the job The UK Security Operations (SecOps) team in Google Public Sector delivers, operates and secures private
IPS and NDR systems, ensuring real-time monitoring and threat detection Ability to implement comprehensive security controls, from proactive threat modelling (using frameworks like STRIDE or MITRE ATT&CK) to low-overhead in-kernel monitoring, using tools like eBPF, to balance performance, risk, and business objectives Strong understanding of fundamental algorithms and data structures, which
technical concepts of cloud security, data ecosystem and the Incident Response process lifecycle. Understand industry wide security terms and models: NIST, ISO/IEC 27001, OWASP, MITRE ATT&CK for Cloud Enterprise. Proven ability to build relationships and propel momentum with clients and stakeholders. About Databricks Databricks is the data and AI company. More than
Ability to develop code with at least one modern language such as Java, Go, TypeScript, Python, Rust and security code review PREFERRED QUALIFICATIONS Understanding of the MITRE ATT&CK framework and knowledge of host and network telemetry data (e.g., process lists, application logs, NetFlow) Have awareness and understanding of current cyber security threats, actors and
London, South East, England, United Kingdom Hybrid / WFH Options
QBE Management Services (UK) Limited
response. About you Strong experience across both offensive and defensive cyber security disciplines. Deep understanding of attacker tactics, techniques, and procedures (TTPs), with expertise in the MITRE ATT&CK Framework. Hands-on technical knowledge in cyber detection engineering, security tools, and infrastructure. Skilled in Detection-as-Code and experienced with SIEM query languages. Confident communicator
Experience leading and coaching junior security engineers to improve their skills and effectiveness PREFERRED QUALIFICATIONS BS or MS in a STEM related field. Understanding of the MITRE ATT&CK framework and knowledge of host and network telemetry data (e.g., process lists, application logs, NetFlow) Have awareness and understanding of current cyber security threats, actors and
engineering and technology, preferably in Financial Services, Technology, or a related field. Experience analyzing cybersecurity incidents using industry standard frameworks such as Cyber Kill Chain and MITRE ATT&CK. Experience handling cybersecurity incidents at each stage of the incident lifecycle, including initial analysis, triage, containment, eradication, recovery, and postmortem. Strong knowledge of AWS Security, specifically in areas
London (City of London), South East England, United Kingdom
McCabe & Barton
engineering and technology, preferably in Financial Services, Technology, or a related field. Experience analyzing cybersecurity incidents using industry standard frameworks such as Cyber Kill Chain and MITRE ATT&CK. Experience handling cybersecurity incidents at each stage of the incident lifecycle, including initial analysis, triage, containment, eradication, recovery, and postmortem. Strong knowledge of AWS Security, specifically in areas
investigation to collaborating with the Head of SOC to contain and resolve threats. Ideally you will have experience with Splunk, threat detection and have worked with MITRE ATT&CK. This role offers the chance to work in a fast-paced, global environment with opportunities to grow your technical and strategic skills. £70,000 base plus excellent benefits